Page 497 - 2015 Security in Telecommunications and Information Technology
P. 497
Unleashing the potential of the Internet of Things 5
8.7 Security and privacy protection capabilities
The security and privacy protection group includes communication security capability, data
management security capability, service provision security capability, security integration capability,
mutual authentication and authorization capability, and security audit capability.
• Communication security capability involves the abilities of supporting secure, trusted and
privacy-protected communication [C-7-1].
• Data management security capability involves the abilities of providing secure, trusted and
privacy-protected data management [C-7-2].
• Service provision security capability involves the abilities of providing secure, trusted and
privacy-protected service provision [C-7-3].
• Security integration capability involves the abilities of integrating different security policies
and techniques related to the variety of IoT functional components [C-7-4].
• Mutual authentication and authorization capability involves the abilities of authenticating and
authorizing each other before a device accesses the IoT based on predefined security policies
[C-7-5].
• Security audit capability involves the abilities of monitoring any data access or attempt to
access IoT applications in a fully transparent, traceable and reproducible way based on
appropriate regulation and laws [C-7-6].
NOTE – These security and privacy protection capabilities include also the ability of coping with the security
and privacy protection issues for operations across different domains.
9 IoT capabilities for integration of key emerging technologies
The following clauses describe the IoT capabilities for integration of some key emerging
technologies, in alignment with the IoT capabilities list provided in Annex A. In the following
clauses, the capability numbers, as shown in Annex A, are put between square brackets "[ ]" and
inserted at the end of each paragraph describing the corresponding capability.
Clauses 9.1 and 9.2 describe the additional IoT capabilities for integration of cloud computing
technologies and big data technologies.
NOTE – This Recommendation does not prevent more additional capabilities for integration with the IoT of
other emerging technologies, such as network function virtualization and software-defined networking, to be
considered further.
9.1 Capabilities for integration of cloud computing technologies
Owing to the high scalability, energy efficiency and deployment efficiency requirements of the IoT,
there are some great challenges in the deployment of the IoT. Some key features of cloud computing
technologies, such as virtualization and resource sharing, can help to improve scalability, energy
efficiency (i.e., reduce the energy consumption) and deployment efficiency (e.g., reduce the memory
and bandwidth usage) for the IoT. Additional capabilities for the integration of cloud computing
technologies with the IoT are required.
With the integration of cloud capabilities of the infrastructure capabilities type [b-ITU-T Y.3500] into
the IoT, the IoT infrastructure can be deployed utilizing these cloud capabilities. In this way, the IoT
infrastructure can increase its scalability for computing, data storage and other aspects, and also
increase energy efficiency. The capability of accessing virtual processing resources and the capability
of accessing virtual storage resources are required in order to integrate with cloud capabilities of the
infrastructure capabilities type.
Rec. ITU-T Y.4401/Y.2068 (03/2015) 483